PPP Options 105
Asynchronous interfaces can assign predefined IP addresses to dial-up clients using the
following command:
RouterA(config-if)#peer default ip address {ip-address
| dhcp | pool poolname}
The dhcp and pool options require global configuration of a pool of addresses using the
following command:
RouterA(config)#ip local pool poolname start-address end-address
The poolname must match the poolname in the peer default ip address command.
It is possible for the dial-up client to assign his or her own address. To do this, use the async
dynamic address command at the interface level.
PPP Options
As mentioned, LCP negotiates a number of parameters. This section goes into more detail
regarding those parameters.
LCP negotiation enables you to add features to your PPP configuration. The additional options
are as follows (more details are in upcoming sections of this chapter):
·
Authentication--By using either PAP or CHAP (discussed later) to authenticate callers,
this option provides additional security. Implementation of this option requires that
individual dial-up clients identify themselves and provide a valid username and password.
·
Callback--This option can be used to provide call and dial-up billing consolidation. A
user dials into the network and disconnects; then, the access server dials the user back and
a connection is established.
·
Compression--Compression is used to improve throughput on slower-speed links. Care
should be taken when implementing compression. The topic of compression is discussed
later in this book.
·
Multilink PPP--This option takes advantage of multiple ISDN B channels. Multilink is
a standardized method of bundling B channels to aggregate their bandwidth. Data is
transmitted across multiple links and reassembled at the remote end.
PPP Authentication
The topic of authentication has been touched on throughout this chapter. At this point, it is
finally time to get down to specifics.
PPP authentication offers two options--PAP and CHAP. These two protocols offer differing
degrees of protection. Both protocols require the definition of usernames and accompanying
passwords. This can be done on the router itself or on a TACACS or RADIUS authentication
server. The examples we deal with in this book are those in which the router itself is configured
with all usernames and passwords.